Apple SUS server 5.2: Re-enabling & Re-activating Updates?

Question

Has anyone else seen OS X Server’s SUS server re-enable a software update after it was explicitly removed/disabled by the admin?

I'm seeing a situation in which both Safari 10.0 and 10.0.1 are both getting downloaded and enabled - against my will! I'm runnning my SUS 5.2 on OS X 10.11.6.

It's a pain because I have a couple intranet services that don't work with Safari 10 yet (ADFS, ServiceNow etc).

My end user’s Macs are magically getting Safari 10.x from my SUS.  Every time I check the SUS Safari 10 is downloaded and enabled again. Doh!

I have seen Apple's SUS do weird things in the past - but not this.

NowAllTheTime · Answer

I've seen this with ours. With Apple sunsetting SUS anyway, we decided to just start ignoring updates via a policy that runs a script like this:#!/bin/bash# Reset existing ignored updates in the softwareupdate servicesudo softwareupdate --reset-ignored# Set software updates in the array &#034;updatesToIgnore&#034; to be ignored by the softwareupdate serviceupdatesToIgnore=( Safari10.0ElCapitan Safari10.0Yosemite )for badUpdate in &#034;${updatesToIgnore[@]}&#034;do    sudo softwareupdate --ignore &#034;$badUpdate&#034;done

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded